Control Global

Greg McMillan and Stan Weiner Speak with Electrochemical Measurements Expert Jim Gray About the pH Electrode and Its Full Potential as a Measuring Tool

Stan: A measurement is only as good as its calibration. The pH electrode has by far the greatest sensitivity and rangeability of any measurement in the process industry. The electrode can function well in a wide spectrum of process fluids and…

This State of Technology Report is a compendium of the latest trends articles, back-to-basics tutorials, application stories and product solutions recently published in the pages of Control—compiled by the editors and all together here in one convenient eBook.

Despite ongoing advances in instrumentation technology, specifying a flowmeter or level gauge that will reliably perform over the anticipated range of process conditions often remains a complex and subtle engineering task.
Dozens of niche…

Process plants and related facilities such as tank farms are filled with vessels, tanks and similar storage units, and most of these units could benefit from a system to measure, monitor and view inventory on a near real-time basis. "Logistical…

Additional information and wireless connectivity are further improving productivity, reliability and efficiency.

Like other facilities that have been using the HART Communication Protocol for any amount of time, previous recipients of the HART Plant of the Year Award have been busy reaping even more of the benefits the technology provides. These benefits…

BLH Nobel Introduced a System That Quickly and Easily Checks Weighing Systems for Wiring and Mechanical Faults

Load cell weighing systems solve some of the knottiest problems in batch and level control by directly measuring masses of solids and liquids as they're accumulated, dispensed or conveyed. But the load cells must be installed and wired properly, and the load structure must be engineered and constructed correctly to distribute the measured load as axial forces on the cells. What appear on the surface to be simple wiring and construction tasks have caused more than a few problems during commissioning and maintenance due to miswired or poorly made connections, distorted or binding structures, incorrectly installed load cells or rigid connections to adjacent equipment.
Such problems often are not found until a new installation is being…

Recent

Greg McMillan and Stan Weiner Speak with Electrochemical Measurements Expert Jim Gray About the pH Electrode and Its Full Potential as a Measuring Tool

Stan: A measurement is only as good as its calibration. The pH electrode has by far the greatest sensitivity and rangeability of any measurement in the process industry. The electrode can function well in a wide spectrum of process fluids and…

This month, the editors of Control browse the web to get you the latest online resources on loop control. Here's how you can stay in the loop!

This System Is Closed
This is a basic tutorial on closed-loop control systems. It covers the basic definitions and descriptions of how closed-loop systems work, a discussion of closed-loop summing points and how to use them, transfer functions, multi-loop closed-loop systems and closed-loop motor control. The direct link is www.electronics-tutorials.ws/systems/closed-loop-system.html.Electronics Tutorials www.electronics-tutorials.ws
PID Control
VeriCal in-situ calibration verification This is a basic discussion, with illustrations, of the principles of Proportional, Integral, Derivative (PID) and how it is used with controllers. It also covers tuning rules and starting settingf for common control loops. The direct link is at…

Through the looking glass of emerging technologies.

How might we expect emerging technologies to play out in the world of process control? Successfully predicting the future is difficult at best, so we sought out and consulted with industry visionaries and long-term planners to see where there is…

A Frost & Sullivan report, "Programmable Logic Controllers Market," finds that the market earned revenues of $10.37 billion in 2013 and estimates this will reach $14.58 billion in 2018.

According to analyst firm Frost & Sullivan, the global PLC market, which witnessed a strong decline in growth in 2012 due to the uncertain economic scenario in the developed world, has bounced back. Since 2013, it has witnessed positive growth, particularly in the Asia-Pacific region, where the rebound has been fueled by increased activity, especially in the construction, water and wastewater and power industries.
A Frost & Sullivan report, "Programmable Logic Controllers Market," finds that the market earned revenues of $10.37 billion in 2013 and estimates this will reach $14.58 billion in 2018.
In Europe, the need to enhance efficiency and comply with regulations, as well as improve safety and control capabilities, are driving…

Through the looking glass of emerging technologies.

How might we expect emerging technologies to play out in the world of process control? Successfully predicting the future is difficult at best, so we sought out and consulted with industry visionaries and long-term planners to see where there is…

Control Engineering Branches Out to Manage Critical Business Variables Such as Profitability, Risk, Asset Management and Cybersecurity

Most process engineers I talk to look back on the 1970s and 1980s as the heyday of control engineering, and in many ways it was. More engineers were focused on the applications of real-time control theory then than now. And when you look at how far…

The Latest in Computing Technology Is Here

VERSATILE AUTOMATION COMPUTERS These four new computers are designed for the challenging requirements of the machine automation industries. UNO-3073 and UNO-3073GL have Intel Celeron 1.1- MHz and 1.0-MHz processors; UNO-3083G and UNO-3085G have Intel Core i7 2.2- MHz processors. They have up to five PCI/PCIe expansion slots and support high-speed PCIe x16, x8, x4 and x1 cards and legacy PCI cards. Advantech Industrial Automation Group 800-205-7940www.advantech.com/ea
GAME-CHANGING PACs PACSystems RXi, a new control and computing platform, is designed for the needs of the industrial Internet. The core of the product family is a COM Express architecture with multi-core CPUs. Its configurations are unique in the industry, and able to…

Smart Drives, Mechatronics, Variable-Speed Drives and More Power Options

MEDIUM-VOLTAGE AC DRIVE MV1000 medium-voltage ac drives combine compact modular design, high efficiency and a good MTBF rate. Smart Harmonics technology reduces input total harmonic distortion to less than 2.5% without filters, which exceeds the requirements of IEEE519-1992. It also provides galvanic isolation between power input and output, and uses two 5-V step bridges per phase to generate a 17-level, line-to-line voltage output delivered to the motor. Yaskawa800-927-5292
VSD WITH SMARTSAltivar Process is a range of VSDs from 1 hp to 1,500 hp that come with embedded process knowledge, configurable on-board dashboards and a graphical HMI display. An advanced, secure, integrated web server lets operators access technical…

Since the goal is to control loop stability, the choice that gives you the best chance of that is the one to make.

Question:
Is there some general rule on when we should use =% (equal percentage) and when linear control valves? I know that the determining factor is the inherent flow characteristic, the flow vs. lift at constant pressure drop, or something like…

After six decades of developing on/off valve automation solutions, it might seem logical for Emerson Process Management to pause and take a well-deserved breather. But anyone who thinks that doesn't know how this company works. Just like the…

Smart Drives, Mechatronics, Variable-Speed Drives and More Power Options

MEDIUM-VOLTAGE AC DRIVE MV1000 medium-voltage ac drives combine compact modular design, high efficiency and a good MTBF rate. Smart Harmonics technology reduces input total harmonic distortion to less than 2.5% without filters, which exceeds the requirements of IEEE519-1992. It also provides galvanic isolation between power input and output, and uses two 5-V step bridges per phase to generate a 17-level, line-to-line voltage output delivered to the motor. Yaskawa800-927-5292
VSD WITH SMARTSAltivar Process is a range of VSDs from 1 hp to 1,500 hp that come with embedded process knowledge, configurable on-board dashboards and a graphical HMI display. An advanced, secure, integrated web server lets operators access technical…

Through the looking glass of emerging technologies.

How might we expect emerging technologies to play out in the world of process control? Successfully predicting the future is difficult at best, so we sought out and consulted with industry visionaries and long-term planners to see where there is…

Through the looking glass of emerging technologies.

How might we expect emerging technologies to play out in the world of process control? Successfully predicting the future is difficult at best, so we sought out and consulted with industry visionaries and long-term planners to see where there is…

Local automation pros can learn about key industry developments, gain development hours and upgrade their outdoor skills

Automation professionals in the Los Angeles area will be able to update their professional knowledge, explore key automation trends, receive professional development hours, meet leading industry experts—and improve their outdoor skills—when Siemens brings its Process Automation Tour to Bass Pro Shops in Rancho Cucamonga, Calif., on March 26, 2015.
Session topics will include:
Industrial security for process automation, including a review of the standards (IEC 62443), organizations (NIST) and proper implementations of those standards
Alarm management, with a focus on meeting ISA-18.2, condition monitoring of critical assets and improving operator effectiveness
Process safety management update, including how to keep your system compliant…

The GX and GP Products Are the First of a New SmartDAC+ Product Family

Yokogawa has released the GX and GP Series of digital data acquisition systems, products that go far beyond functionality of the original paperless recorder. Complementing Yokogawa's DXA Advanced R4 series, the GX and GP bring some features that are…

Recent

Because Big Data is Really More of the Same Data, Engineers and Other End Users Find Ways to Take Advantage of New Sources of Intelligence

I'm sorry to be a downer at the start of a shiny New Year, but I'm continually reminded that most new and unfamiliar technical concepts are just more of the same old concepts. Big data is really more of the same data. The Internet of Things (IoT)…

Reader says "NERC CIP does not make the grid more secure or reliable."

In response to Joe Weiss' blog post of Jan. 19, I totally disagree about NERC CIP not making the grid more secure or reliable. Just a few reasons. I have seen where control systems were operated without malware and ultimately became infected. At…

Diagnosing a signaled instrument failure is tricky, time-consuming and usually is called for at a most inconvenient time, but better diagnostics are making the task easier.

Physical Layer Diagnostic Improvements
Why is it, after weeks of seemingly trouble-free plant operation, the phone rings on the holiday weekend when the goose is in the oven and the table is set for dinner? Fortunately for me, the crew on shift was…

A badly designed network is often the weakest link in the system.

IoT's Weakest Link
A common conversation among many industrial networking specialists these days revolves around whether we should be distinguishing between wired and wireless networks. WINA, of which I am chairman, is one organization taking a…

We are destined to have a multiplicity of protocols in our facilities.

Regarding, John Rezabek's February On the Bus column: I think we are destined to have a multiplicity of protocols in our facilities. Actuators and sensors will be at the level of the not-Internet of Things; Ethernet makes no sense there. But…

This white paper is the first in a series to outline a new epoch of industrial automation. All aspects of control system reliability, security and lifecycle cost have been rethought from first principles.

Open Secure Automation™ from Bedrock delivers new levels of ICS reliability, embedded security and unified automation performance at much lower life cycle costs. The mission starts with reinventing the backplane. Bedrock's Backplane Module Interconnect (BMI) is designed with an advanced architecture, industrial grade materials and passive fail-safe principles. With a new foundation, automation can be rebuilt. There is no other way.
This white paper is the first in a series to outline a new epoch of industrial automation. All aspects of control system reliability, security and lifecycle cost have been rethought from first principles.
Download the white paper titled "Revolution" and learn more.

Mobility's True Value Lies in Enabling New Possibilities

Rockwell Automation takes seriously the needs of its users to access information when on the go. For years now, they've offered the ability to send text or email notifications to mobile devices or replicate in-plant or desktop user interfaces on…

Reader says "NERC CIP does not make the grid more secure or reliable."

In response to Joe Weiss' blog post of Jan. 19, I totally disagree about NERC CIP not making the grid more secure or reliable. Just a few reasons. I have seen where control systems were operated without malware and ultimately became infected. At…

As project details take shape, look to collaborative platforms and decoupled hardware and software development paths to speed execution efforts

As early project visioning shifts into more detailed engineering, it's time to take a much closer look at how the latest automation technology and project execution methodologies can be brought to bear for project success. Key automation…

Local automation pros can learn about key industry developments, gain development hours and upgrade their outdoor skills

Automation professionals in the Los Angeles area will be able to update their professional knowledge, explore key automation trends, receive professional development hours, meet leading industry experts—and improve their outdoor skills—when Siemens brings its Process Automation Tour to Bass Pro Shops in Rancho Cucamonga, Calif., on March 26, 2015.
Session topics will include:
Industrial security for process automation, including a review of the standards (IEC 62443), organizations (NIST) and proper implementations of those standards
Alarm management, with a focus on meeting ISA-18.2, condition monitoring of critical assets and improving operator effectiveness
Process safety management update, including how to keep your system compliant…

Coca-Cola and GE Lighting Use Proficy Workflow, Historian, iFix HMI SCADA and Portal Software to Streamline Lighting and Refreshment Production

Seeing is believing, and bringing operational information into the light makes it usable by everyone in an enterprise—allowing them all to make faster, more productive decisions.
This enhanced awareness was especially useful at GE Lighting,…

As project details take shape, look to collaborative platforms and decoupled hardware and software development paths to speed execution efforts

As early project visioning shifts into more detailed engineering, it's time to take a much closer look at how the latest automation technology and project execution methodologies can be brought to bear for project success. Key automation…

Find out what certification ABB Canada received and what B&B ELectronics' new name is.

ABB's operations in Canada have been certified by TÜV SÜD as having in place and applying a functional safety management system (FSMS) for the design and engineering of safety instrumented system (SIS) projects in accordance with industry good practice safety standards. These standards include IEC 61508 and IEC 61511 for the integration and implementation of safety instrumented systems. Networking technology provider B&B Electronics has changed its name to B+B SmartWorx. While continuing to develop mission-critical network connectivity technology for remote or demanding environments, B+B SmartWorx is expanding into the emerging Internet of Things market and embedding intelligence throughout the network connectivity stack from edge…

The Department of Homeland Security wants to help you prevent, respond to and recover from cyber attacks.

As we go to press, the U.S. Congress is threatening to suspend funding for the Department of Homeland Security (DHS). Some members are even calling for its dissolution. But assuming it's still around when you read this, you might consider enlisting…

What do 9/11, the Detroit Bomber and ICS Security Have in Common?

By Walt Boyes, Editor in Chief
In his "Unfettered" blog post, "What do 9/11, the Detroit Bomber and ICS Security Have in Common," Joe Weiss makes a really good point: The result of all governments' responses to the Dec. 25 incident on the approach…

Recent

Will Electronic Marshalling Mean the End of the "Bespoke" Enclosure?

Unlike clothing fashions, enclosure styles don't change a lot from year to year. A 40-year-old enclosure doesn't stand out like your dad's leisure suit. After all, a big metal box is pretty much a big metal box, even with the added glitz of…

Centuries of conflict have seen technology develop from cowhides to Kevlar and beyond, but when talking of securing the realm, the image of a knight in shining armor still comes to mind.

The need to protect ourselves is as old as humankind. In the business and manufacturing kingdoms, cyber threats are the foe and OPC is the champion of secure interoperability. As OPC-UA rides off into battle, what kind of armor and weaponry does it have?

Surveying the Battleground

OPC UA interfaces components at all levels of industrial facilities: from top level enterprise management to embedded devices at the process control layer. These systems may involve dealings with customers and suppliers, or interface to critical control and monitoring applications. The opportunity to disrupt these communications and resulting economic impacts or safety and environmental consequences make them attractive targets for industrial sabotage. OPC-UA can be deployed in a diverse range of operational environments with varying degrees of risk and security mechanisms. Therefore, OPC-UA must provide a wide and flexible set of security mechanisms.

Knight in Shining Armor

Realistically no singular security implementation or mechanism can ride in and protect against every conceivable threat. Fundamentally, information system security reduces the damage from attacks by identifying system threats and vulnerabilities then providing countermeasures. The countermeasures reduce vulnerabilities directly, counteract threats, or recover from successful attacks. Protecting industrial automation systems means meeting a set of objectives which represent the key areas of interest. OPC-UA is designed to meet the following security objectives:

Authentication - Clients, servers, and users should prove their identities based on something the entity knows.Authorization - The access to read, write, or execute resources should be authorized for only those entities that have a need for that function within the requirements of the system. The granularity of Authorization can be high level, such as server access or finely tuned such as allowing specific actions on specific information items by specific users.Confidentiality - Data must be protected from passive attacks such as eavesdropping by using data encryption algorithms.Integrity - Receivers must receive the same information that the sender sent without the data being changed during transmission. Integrity can be threatened by communication hijacking or by altering or replaying messages.Auditability  System usage must be checked to ensure the security measures are effective. Rigorous audits provide evidence of secure operation to stakeholders. The system supports auditing by recording events that are evidence of security working both well and poorly. These events include new connections, configuration changes, and security error responses to calls.Availability - Availability is impaired when the execution of software that needs to run is disrupted or the communication system is overwhelmed by processing input.

These security objectives have been refined through many years of experience in providing security for information systems. Despite the ever-changing threats to systems, these primary objectives generally remain constant.

Know Thy Enemy - The Rogues Gallery

In order to determine if your protection is adequate, it is first important to know who the adversary will most likely be. In terms of information system security that means knowing the threats to environments in which OPC-UA is deployed. OPC-UA provides systems and countermeasure for the following threats:

Message Flooding - An attacker can send a large volume of messages, or a single message that contains a large number of requests, with the goal of overwhelming the OPC server or supporting components. Message flooding may impair the ability to communicate with an OPC-UA entity and result in denial of service.Eavesdropping - Eavesdropping is the unauthorized disclosure of sensitive information that might result directly in a critical security breach or be used in follow-on attacks.Message Spoofing - An attacker may forge messages from the client or server. By spoofing messages from the client or server, attackers may perform unauthorized operations and avoid detection of their activities.Message Alteration - Network traffic and application layer messages may be captured, modified, and the modified message sent forward to OPC clients and servers. Message alteration allows illegitimate access to a system.Message Replay - Network traffic and valid application messages may be captured and resent to OPC clients and servers at a later stage without modification. An attacker could misinform the user or send in improper command such a command to open a valve but at an improper time.Malformed Messages - An attacker can create invalid messages or data values and send them to OPC-UA clients or servers. The OPC client or server may incorrectly handle the malformed messages and result in such things as the termination of the application or system crash.Server Profiling - An attacker tries to deduce the identity, type, software version, or vendor of the OPC-UA product in order to apply knowledge about specific vulnerabilities in order to mount a more intrusive or damaging attack.Session Hijacking - An attacker injects valid formatted OPC-UA messages into an existing session by taking over a session.Rogue Server - An attacker builds a malicious OPC-UA server or installs an unauthorized instance of a genuine OPC-UA server.Compromising User Credentials - An attacker obtains user credentials such as usernames, passwords, certificates, or keys. An unauthorized user could launch and access the system to obtain all information and make control and data changes that harm plant operation or information. Once compromised credentials are used, subsequent activities may all appear legitimate.

Meeting the Charge

After the lay of the land is known, and the measure of the opponent taken, the next step is to tighten the straps and check for chinks in the armor. OPC-UA is well designed to reconcile the security objectives against the threats ranged against it.

OPC-UA minimizes the loss of availability caused by Message Flooding by minimizing the amount of processing that must be done with a message before the message is authenticated. This prevents an attacker from leveraging a small amount of effort to cause the legitimate OPC-UA Application to spend a large amount of time responding. OPC-UA provides well-defined encryption and decryption to protect against Eavesdropping and other passive attacks. Message Spoofing and Message Alteration are countered by the ability to sign messages and by providing valid session identification. The session identification along with individual message timestamps and sequence numbers also ensure Message Replay does not occur without detection. OPC UA specifies the proper form and parameter range that OPC-UA clients and server products must check for in order to protect against Malformed Messages. Security issues such as Server Profiling, Session Hijacking, Rogue Servers and Compromised User Credentials are countered by limiting and encrypting the information provided between clients and servers.

Solid Armor is Just Part of the Protection

A knight riding into battle can only rely on armor for so much. The right helmet, shield and weapons are also required. More importantly, no one wins the fight alone. Even the knight in shining armor looks to his cavalry and archers for support. OPC-UA provides well-rounded security measures that are designed to integrate into a sites overall Cyber Security Management system. Such systems address policy and procedures, personnel, responsibilities, audits, and physical security of a site. Resulting security controls implement a defense-in-depth strategy that provides multiple security layers and recognizes that no single layer can protect against all attacks.

The OPC-UA specifications place key security requirements upon conformant client and server products. They also provide best-practice deployment recommendations in order to meet the anticipated security needs of users. Clearly, OPC-UA is well equipped to secure system interoperability within its realm.

Biweekly updates delivering feature articles, headlines with direct links to the top
news stories that are critical to staying up to date on the industry — company news,
product announcements, technical issues and more. Subscribe Today.